As networked computer systems proliferate, individuals or corporations are subject to more and more unwanted attacks on their systems. For example, hackers have been reportedly successful in infiltrated into user's financial accounts and perform unauthorized transactions from the accounts. Further, even certain cryptographic applications have been proven vulnerable, because the trusted software is replaced with infected code without being detected. As a result, confidential information embedded in the application, such as the user's private key, is leaked out in the normal output of the application. Yet another type of attack is software viruses. These viruses infect their targets by masquerading as popular software or by attaching themselves to programs. When the target is infected, its confidential information may be compromised, or worse yet, its content may be destroyed.
In order to combat these attacks, users need methods of authenticating the origin of software and validating the integrity of the software. Many existing methods today address one aspect of the problem, but not the other. For instance, the known public-key cryptography and digital signature techniques are often compromised, because the private keys are often embedded in the software modules. Further, the authentication process often cannot proceed while the modules are being executed. Consequently, when these modules are in memory, they are susceptible to stealth virus attacks. As has been shown, an improved method and apparatus is needed to ensure not only the integrity of the software modules, but also the secured execution of such modules.